WordPress is the WordPress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress Restaurant Menu by MotoPress Plugin in version 2.4.0 and earlier has a cross-site scripting vulnerability that stems from the plugin’s inability to properly clean up or escape input when creating new menu items, which could be exploited by an attacker to execute JavaScript code.